1.04

- The fixing of the silly memleak introduced a bug that could cause
  crashes on some systems, fixed. Thanks to Jukka Anttonen for reporting
  it.

1.03

- At least one ftpd can't handle PROT before USER, this is (unfortunately)
  allowed by the TLS FTP spec so handle it properly.

- The debug mode crashed on Linux and probably some other OSes.

- It now is possible to build a version for Windows 9x/ME (which does not
  have the possibility to run as a service). This is the first version
  ever to work properly on this platform, as the old Cygwin version
  didn't work on 9x.

- Improved the error handling for connection resets in the TLS handshake.

- Improved the error handling for connection attempts blocked by software
  firewalls in Windows.

- Fixed a silly memleak.

1.02

- Minor HP-UX fixes (UNIX95 vs UNIX98 vs current).

- Fixed detection of recent versions of the Intel compiler on Linux, to
  prevent a strange compilation error on Itanium systems.

- A small fix to work with the recently released OpenSSL 0.9.8.

- Since OpenSSL 0.9.8 supports 64-bit Windows (x64 and IA64), TLSWrap also
  does:

  I have provided an installer for Windows x64, just like for the normal x86
  version. The installer is unfortunately 32-bit for now, but everything
  else is 64-bit. The included OpenSSL DLLs are compiled with the Intel C++
  Compiler 9.0 for EM64T and should in many cases have superior performance
  compared to the 32-bit versions (I get twice the speed with AES on my EM64T
  CPU, but the performance will vary with algorithm and CPU type).

  I found a bug in OpenSSL 0.9.8 that broke DES encryption when using the
  latest Intel compiler. The included DLLs have this fix applied and the
  next official version of OpenSSL 0.9.8 will also have this fix.

1.01

- Fixed a bug in the startup code that could randomly prevent it from loading
  on Windows XP Pro x64 edition (and theoretically on other Windows versions).

- The Configuration Manager should not start if the TLSWrap service is not
  installed, fixed. Improved some error messages.

1.00

- Added support for active FTP (i.e. PORT and EPRT modes).

- Added support for user certificates/certificate chains. To use this
  feature, start TLSWrap with -P <path_of_user_certificate_directory> (or if
  using the Windows service, with the configuration manager). After this,
  TLSWrap will try to use <server-IP>.pem from the user certificate
  directory.

  The certificates must be in PEM format and must be sorted starting with the
  subject's certificate (actual client certificate), followed by intermediate
  CA certificates if applicable, and ending at the highest level (root) CA.

- The TLSWrap Configuration Manager for the Windows service now supports
  managing user certificates in addition to server certificates.

- It is now possible to add and delete certificates using the buttons in the
  TLSWrap Configuration Manager. It is also possible to rename a certificate
  by clicking on its file name in the list. Also misc. improvements to the
  certificate handling.

0.9

- Added a GUI configuration tool and a tray monitor for the Windows version.

- Fixed the error handling for DNS errors. TLSWrap now gives a "530 Could not
  resolve hostname." error and it is possible to start over with a new USER
  string without reconnecting.

- Fixed a bug and a portability issue in the connection routines handling
  refused connections.

- Passive TCP ports below 256 were not handled correctly, reported with patch
  by Christoph Hackman. It is unlikely that anyone was affected unless they
  patched their ftpd to use privileged ports to get around their ISPs
  throttling of higher ports.

- It was not possible to change the token defaults anymore, fixed.

- Added PKI support and a number of "security modes" to control it:
  ---------------------------------------------------------------------------
  0 - No certificate verification is done. (Default for now.)

  1 - Relaxed whitelisting
      --------------------
  On the first connection to a server, its certificates (control and
  data connections are treated separately, for quite obvious reasons), will
  be saved in the certs dir (see below) as <server-IP>-<data/ctrl>.pem.

  On subsequent connections, TLSWrap will verify the stored certificates
  against those presented by the server. If the control connection
  certificate doesn't match, tlswrap will say "530 TLSWrap certificate
  verification failed, disconnecting." and disconnect. If the data
  certificate doesn't match, it will print "425 TLSWrap data certificate
  verification failed.", the data transfer will be aborted but TLSWrap will
  stay connected with the server.

  No other checks (such as expiration dates, CRLs, CAs) will be made on
  the certificates.

  2 - Strict whitelisting
      -------------------
  Identical to mode 1 above, but with the difference that no new
  certificates will be added. If TLSWrap can't find certificate file(s)
  for a server, it will just disconnect.

  3 - Relaxed PKI path validation
      ---------------------------
  This mode requires one or more X.509 CA certificates (or certificate chains)
  in the form of a PEM file. All certificates must be valid. To specify CA
  certificates, use -a <name_of_ca_PEM_file>.

  Upon connection with a server, an encrypted TLS session is first established.
  This yields the server's X.509 certificate which is validated using the
  previously specified CA certificates. No certificate fields are used.

  4 - Strict PKI path validation
      --------------------------
  This works like the above mode, but the certificate information is verified
  as follows:

  If the X.509v3 subject alternative name extension is present, then
  the DNS name and IP address fields will be matched against the server's.
  If there is no subjectAltName extension the commonName (CN) will be
  compared against the DNS name. If either check fails then the connection
  will be terminated.

  ## This is the proper way to use X.509 certificates ##

  ---------------------------------------------------------------------------

  Set the default security mode with -s <mode> or dynamically with
  the connection string +<mode>user@host:port

- All server certificates will be stored and loaded from a certs/ subdirectory
  from where tlswrap is started. This directory is automatically created the
  first time tlswrap is started. An alternative directory may be specified with
  -p <other_certs_dir>, but this directory must already exist. If you make the
  directory manually, remember to set proper access rights (probably chmod 700).

- Added support for building a native Windows NT/2000/XP version, which resulted
  in a major speed improvement compared to the previous Cygwin versions. The same
  source now builds the UNIX versions, the Cygwin version and a native Windows
  version using either "Intel(R) C++ Compiler for 32-bit applications,
  Version 8.1" or "Microsoft (R) 32-bit C/C++ Optimizing Compiler Version
  12.00.8804 for 80x86". It is still possible to build a Cygwin version, but as
  before, the performance is abysmal.

- The native Windows version now supports installing itself as a system service,
  and thus it can be started automatically at system boot and run in the background.

  The official TLSWrap Windows installer allows for easy installation and
  removal of the TLSWrap service, but see below how to do it manually:

  Use 'tlswrap -I <options>' to install TLSWrap as a service, to be
  started with <options> on system boot. If the options contain spaces, enclose
  them with ", e.g. 'tlswrap -I "-l 6000"'. To install with the default options,
  use the command 'tlswrap -I ""'. The service is automatically started after
  installation.

  Use "tlswrap -R" to stop (if it is running) and remove the TLSWrap service.

- Misc TLS changes, including cached SSL sessions for data connections.

- Decreased the data buffer size from 8192 bytes to 4096 bytes on the native
  MS Windows version.

- Fixed a nasty bug concerning aborted connections versus TLS nonblocking
  stuff.

- Fixed an old but very simple bug that could cause the program to loop if
  the server dropped the connection.

- Fixed a bug reported by Markus Jevring that caused TLSWrap to stall in
  certain cases.

- Fixed so that it is possible to combine user string tokens, for example
  use #% to get "implicit SSL without data encryption" (yes, it's still a
  horrible non-standard).

0.8 test 2

- Added a Windows installer.

- AES 256-bit is the default cipher now (requires OpenSSL 0.9.7), RC4 is the
  alternative choice.

0.8 test 1

- %user@host:port can now be used to connect with servers using
  "implicit SSL", a non-standard that immediately expects an SSL/TLS
  handshake on the control connection, for example "Serv-U FTP server" with
  "Allow only SSL/TLS sessions". Originated as a patch from Serg Kastelli
  <sk(at)online-web.net> (thanks) but was bugfixed and changed from being
  a commandline option.

- Set TOS types in IP headers, originally from Thomas Habets
  <thomas(at)habets.pp.se> (thanks) but was changed to work with
  more than Linux...

- misc source cleanups

- EPSV wasn't 100% working, fixed.

0.7 final

- fixed a possibly uninitialized variable. if you got the error:
  "bind: Permission denied" while using multiple sessions,
  this is now fixed.
- only had RSA ciphers on the default cipherlist, added a few DHE algos.
- removed too much from the documentation last spring cleaning,
  put them back now:

  -c max
        Maximum number of client connections to handle. Defaults
        to 5.

  -C list
        Select permitted SSL ciphers each separated by a colon.

0.7 beta4

- reject possible AUTH commands sent before USER.
- it's possible to change the #, @ and : characters used to
  separate the username, hostname and port and to disable
  data encryption, see README for details.

0.7 beta3
- forgot to initialize a flag structure when reusing objects,
  could probably cause a crash.
- added -h argument to specify ip or hostname to bind the
  listening socket. The default is now 127.0.0.1, so you
  who used it remotely *MUST* specify another IP to listen
  to!

0.7 beta2
- changed the buffer size to 8192 bytes.
- don't mess with the TCP buffer sizes
- oops, had an abort() left in the code, no wonder it coredumped...
  should fix everyone's "crash" problems!
- removed some unnecessary crap from tls.c

0.7 beta1

- added support for EPSV (Extended Passive Mode)
- wait to forward the control channel until a \n is found, fixes a
  bug with badly written ftp servers (hi glftpd-TLS) that send a
  packet for each character!
- don't try to calculate the max fd, just use FD_SETSIZE


0.6

- Use inet_addr() if inet_aton() doesn't exist.
- Added support for an entropy gathering daemon.
- Lots of changes to make it as portable as possible.

0.6 pre3

- Added a check for RAND_status() to the configure script to work with
  OpenSSL 0.9.4. Other misc fixes and changes.

0.6 pre2

- If the username starts with #, only encrypt control channel (for "FXP"
  or "ftp proxy" use).
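
The relaxed and strict whitelisting modes (1 and 2) from the 0.9 notes above, shown as an added Python example; it is not TLSWrap's own code. The name check_pin, its return tuple, the byte-for-byte comparison of the stored PEM file and the IP check on the file name are assumptions made here, and the certificates are constructed placeholders.

```python
import hmac
import ipaddress
import os
import tempfile


# Reply strings as quoted in the changelog entry for modes 1 and 2.
CTRL_FAIL = "530 TLSWrap certificate verification failed, disconnecting."
DATA_FAIL = "425 TLSWrap data certificate verification failed."


def check_pin(certs_dir, server_ip, channel, presented_pem, mode):
    """Return (accepted, stay_connected, reply) for security mode 1 or 2."""
    if mode not in (1, 2) or channel not in ("ctrl", "data"):
        raise ValueError("only modes 1/2 and channels ctrl/data are modelled")
    ipaddress.ip_address(server_ip)  # refuse anything that is not a bare IP
    path = os.path.join(certs_dir, f"{server_ip}-{channel}.pem")  # per channel
    try:
        with open(path, "rb") as fh:
            stored = fh.read()
    except FileNotFoundError:
        if mode == 2:  # strict: never learn a new certificate
            return (False, False, None)
        # Relaxed: trust on first use. O_EXCL refuses to overwrite a pin
        # created in the meantime; 0o600 keeps the file private.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as fh:
            fh.write(presented_pem)
        return (True, True, None)
    if hmac.compare_digest(stored, presented_pem):
        return (True, True, None)
    # Mismatch: the control channel disconnects, the data channel only
    # aborts the transfer and the session stays up.
    if channel == "ctrl":
        return (False, False, CTRL_FAIL)
    return (False, True, DATA_FAIL)


def demo():
    """Run constructed certificates through both modes in a temp dir."""
    old, new = b"constructed-PEM-A\n", b"constructed-PEM-B\n"  # not real certs
    with tempfile.TemporaryDirectory() as d:
        return [
            check_pin(d, "192.0.2.10", "ctrl", old, 2),  # strict, unknown server
            check_pin(d, "192.0.2.10", "ctrl", old, 1),  # relaxed, first use
            check_pin(d, "192.0.2.10", "ctrl", old, 2),  # strict, pin matches
            check_pin(d, "192.0.2.10", "ctrl", new, 1),  # ctrl cert changed
            check_pin(d, "192.0.2.10", "data", old, 1),  # data pinned separately
            check_pin(d, "192.0.2.10", "data", new, 2),  # data cert changed
        ]
```

The first-use branch is where mode 1 is weaker than mode 2: whatever certificate is presented on the first connection becomes the pin, so mode 2 with pins provisioned out of band avoids that window.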